[Snort-users] Whad'ya do?

Aaron McKinnon aaron at ...1376...
Tue May 8 19:33:51 EDT 2001


ARIS is very cool! I just set it up and made it send a report right before
rotating the logs... I dig it.

-----------------------------------
Aaron McKinnon
System Administrator
Fullerene Productions, Inc.
3250 Wilshire Blvd. Suite 2000
Los Angeles, CA 90010
213.365.1692
-----------------------------------

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Ryan
Russell
Sent: Tuesday, May 08, 2001 2:58 PM
To: Dave.Hampel at ...1919...
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Whad'ya do?


On Tue, 8 May 2001 Dave.Hampel at ...1919... wrote:

> I was wondering..... I monitor my firewall logs and I get messages from
> Snort saying someone is scanning my network using FTP or SunRPC source
port
> (etc.) Great. Works as advertised. BUT what do you DO about it.
> Has anyone taken measures to actually stop or report these a*holes that
are
> wasting bandwidth?

<plug>
You might check out ARIS http://aris.securityfocus.com .  We give you a
way to manage reporting incidents to ISPs, among a number of other
features. It's also a way to be one more count against a particular
attacker even if you don't want to report things yourself.  It's free.
</plug>

				Ryan


_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users





More information about the Snort-users mailing list